A security researchers' thoughts on cybersecurity education, training, AND hacking ALL THE THINGS: web, mobile, cloud, etc.
Another day, another challenge.
I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.
Without further ado, the machine I’m solving today is Synced.
Topics explored in this machine are connecting to a Rsync server, networking protocols, reconnaissance, and anonymous/guest access.
Click the video to learn how to solve this machine!
Like the content — support by Buying a Coffee
Another day, another challenge.
I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.
Without further ado, the machine I’m solving today is Mongod.
Topics explored in this machine are connecting to a web servers, databases, reconnaissance, misconfigurations, and anonymous/guest access.
Click the video to learn how to solve this machine!
Like the content — support by Buying a Coffee
Another day, another challenge.
I’m restarting the series #PwnItFriday where I hack machines from hackthebox and TryHackMe.
Without further ado, the machine I’m solving today is Redeemer.
Topics explored in this machine are connecting to a Redis server, vulnerability assessments, database, reconnaissance, and anonymous/guest access.
Click the video to learn how to solve this machine!
Like the content — support by Buying a Coffee
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twenty-fourth challenge, we’re wrapping up the final details for Santa to safely deliver presents to the children.
The topics explored in this challenge are a survey of the Advent of Cyber event. Other rooms to explore to continue learning about cybersecurity, and finally, the last day to be eligible to receive prizes is December 28th.
Did the elves save Christmas? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twenty first challenge, we’re tasked with determining if the web camera on our device has any vulnerabilities. The elves are confident there are no vulnerabilities, but we’ll check to see if there are any off-the-shelf exploits are available to exploit the device.
The topics explored in this challenge are learning what are IoT (Internet of Things), and their (potential security vulnerabilities). The different protocols surrounding IoT. Finally, understanding the publish/subscribe model that is used for IoT.
Can we help Santa find the weaknesses on the web server before the bad guys? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twenty-third challenge, we’re tasked as Bad Yeti to get Santa’s Vault password and flags. The challenge grows in difficulty as more defense layers are added.
The topics explored in this challenge are in-depth defense tactics such as disrupting adversarial objectives by reviewing the three levels of defense. The first level focuses on perimeter security. The second level focuses on defense in layers with an emphasis on prevention. The third and final level builds upon level two but adds alerting and response capabilities.
Can we beat the game with the different defense layers in place? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twenty-second challenge, the elves want to improve Santa’s security posture after the recent attempts to disrupt Christmas.
The topics explored in this challenge are understanding an attack vector and the concept of an attack surface.
Can we help the elves update Santa’s servers before Christmas? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our ninth challenge, we discover there’s a recent incident. Because of this, Santa wanted to set up a web application running on Docker as it’s supposed to be more secure. Our job is to show there are still weaknesses while using Docker.
The topics explored in this challenge are Metasploit, which can be used to compromise systems. We also learned network pivoting and post-exploitation.
Can we help Santa find the weaknesses on the web server before the bad guys? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
We had a hardware implant in Santa’s workshop in our nineteenth challenge. We have to analyze the implant to understand how it works.
The topics explored in this challenge are hardware communication protocols such as USART, SPI, and I2C. Along with how to analyze these protocols.
Can we help Santa determine how the hardware implant works? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
Another day, another challenge…
In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.
In our twentieth challenge, we’re learning more about the device found in Santa’s workshop. In this challenge, we learned the Device ID, and now we have to reverse engineer the device to determine the firmware and endpoints.
The topics explored in this challenge are firmware reverse engineering, extracting code from firmware, and modifying and rebuilding firmware.
Can we reverse-engineer the device to help Santa? Find out below!
If you enjoy my content, buy me a coffee. Link –> http://buymeacoffee.com/thefluffy007
You must be logged in to post a comment.